The recent discovery of a major chip vulnerability has exposed millions of devices to potential attacks, and manufacturers are rushing to fix the issues.
The vulnerability is related to speculative execution – a mechanism CPUs rely on to keep their pipelines filled with instructions so they can be as efficient as possible.
The vulnerabilities apply to AMD and Intel processors, and the security patches implemented to fix them can drastically slow down your computer.
Operating systems are also releasing patches for security holes or to restrict access to the vulnerabilities.
If unresolved, the Spectre and Meltdown attacks can leverage the vulnerability to gain access to your personal files and passwords.
Protecting your device against Spectre and Meltdown attacks requires updating your BIOS and operating system with versions that include relevant security patches.
To determine whether your system is vulnerable, the Gibson Research Centre has released a tool called InSpectre.
The file is compatible with any version of Windows and is 124kB big. It does not require a full installation and can be run as a standalone executable.
InSpectre also determines whether the security patches to fix the vulnerability have impacted the performance of your system, and includes the option to disable Spectre or Meltdown protection.
The option to disable the protection may be useful for systems which have become significantly slower, but doing this will expose them to attacks.
Visit the download page on Gibson Research Centre’s website to find out more.
Secure your device
Once you have run the tool, InSpectre will notify you of any vulnerabilities and will suggest a course of action.
Following the guidelines outlined by InSpectre, users may be required to update their operating systems and BIOS or CPU microcode firmware to protect themselves.
This can be done by visiting your PC manufacturer’s website and accessing the latest version of your BIOS, which will hopefully include the security patches.
If future solutions to vulnerabilities are found, the InSpectre utility will be updated to reflect them.
It is important to note that in order to exploit Meltdown or Spectre, an attacker must be able to execute code on your device.
This means an attacker would typically have to exploit another vulnerability to run malware that lets them gain code execution privileges on your system.